Auditing and Security ist gegenwärtig das einzige Buch auf dem Markt, das speziell für IT-Auditoren und ihre Bedürfnisse konzipiert wurde. Es erläutert detailliert, welche Sicherheitschecks absolut notwendig sind, und zwar unabhängig von der spezifischen Hardware, Software oder Architektur, die ein Unternehmen einsetzt. Hierzu hat der Autor eine Reihe nützlicher Checklisten und Diagramme zusammengestellt. Dieser maßgebliche und äußerst praxisorientierte Leitfaden enthält alle Informationen, die ein Auditor für den rigorosen Sicherheitscheck von IT-Plattformen braucht, und zwar angefangen bei Mainframes, über Workstations mittlerer Größe und PCs an den Arbeitsplätzen bis hin zu internen und externen Netzwerkverbindungen. Abgedeckt wird das gesamte Themenspektrum: Hardware und Software, Betriebssysteme, Netzwerkverbindungen, Zusammenarbeit logischer und physikalischer Sicherheitssysteme sowie ein Notfallplan. Auditing and Security - das ist topaktuelle, praxisnahe und umfassende Information in nur einem einzigen handlichen Band. Ein unverzichtbarer Ratgeber für alle IT Manager, CIOs, Auditoren und Controller. Nota de la solapa According to law enforcement figures, American corporations lose billions of dollars a year due to IT security breaches. Auditing and Security: AS/400, NT, Unix, Networks, and Disaster Recovery Plans provides the tools that an auditor needs to ensure that a company's platforms and networks are adequately protected. Auditing information systems for security requires knowledge across a wide range of disciplines beyond computer science, including management science, information security, accounting, finance, business, and human resources. This book supplies the vital information across these divergent fields that auditors, IT managers, controllers, and CIOs need to measure the security of their systems. This comprehensive volume covers the full range of issues relating to security audits-hardware, operating systems, network connections, the cooperation of logical and physical security measures, and disaster recovery planning. The author begins with an overview of the structure of information systems and their security requirements and then shows you how physical and logical security systems work together to create a safe corporate information structure. Comprehensive treatment of the different structures and security needs of AS/400, Microsoft NT, and Unix allows you to understand security requirements regardless of which computer architecture a company runs. Auditing and Security also uses helpful checklists and diagrams and a practical, rather than theoretical, method for understanding hardware, operating systems, and the networks that enable the interconnection of platforms and applications. Another important topic this volume covers is disaster recovery planning to help you ensure that IT systems and the information they safeguard are recoverable in the event of a major disruption in service or intentional destruction of data. This up-to-date resource provides all the tools you need to perform practical security audits on the entire spectrum of a company's various IT platforms-from the mainframe to the individual PC-as well as the networks that connect them to each other and to the global marketplace. Auditing and Security: AS/400, NT, Unix, Networks, and Disaster Recovery Plans is the first book on IT security written specifically for the auditor, detailing what controls are necessary to ensure a secure system regardless of the specific hardware, software, or architecture a company runs. For the companion Web site, please visit www.wiley.com/musaji. Contraportada A complete and definitive guide to auditing the security of IT systems for managers, CIOs, controllers, and auditors This up-to-date resource provides all the tools you need to perform practical security audits on the entire spectrum of a company's IT platforms-from the mainframe to the indiv
- Libro Impreso
- Edición:
- Editorial: Vintage
- Autor: Musaji, Yusufali F